diff --git a/.github/workflows/container-image-build.yml b/.github/workflows/container-image-build.yml
new file mode 100644
index 0000000000..20fb1e7c4c
--- /dev/null
+++ b/.github/workflows/container-image-build.yml
@@ -0,0 +1,88 @@
+---
+name: Build Kolla container images
+on:
+ workflow_dispatch:
+ inputs:
+ regexes:
+ description: Space-separated list of regular expressions matching images to build
+ type: string
+ required: false
+ default: ""
+
+env:
+ ANSIBLE_FORCE_COLOR: True
+jobs:
+ build:
+ name: Build Kolla container images
+ runs-on: [self-hosted, stackhpc-kayobe-config-kolla-builder]
+ steps:
+ - uses: actions/checkout@v3
+ with:
+ path: src/kayobe-config
+
+ - name: Clone StackHPC Kayobe repository
+ uses: actions/checkout@v3
+ with:
+ repository: stackhpc/kayobe
+ ref: refs/heads/stackhpc/wallaby
+ path: src/kayobe
+
+ # FIXME: Failed in kolla-ansible : Ensure the latest version of pip is installed
+ - name: Install dependencies
+ run: |
+ sudo dnf -y install python3-virtualenv
+
+ - name: Setup networking
+ run: |
+ if ! ip l show breth1 >/dev/null 2>&1; then
+ sudo ip l add breth1 type bridge
+ fi
+ sudo ip l set breth1 up
+ if ! ip a show breth1 | grep 192.168.33.3/24; then
+ sudo ip a add 192.168.33.3/24 dev breth1
+ fi
+ if ! ip l show dummy1 >/dev/null 2>&1; then
+ sudo ip l add dummy1 type dummy
+ fi
+ sudo ip l set dummy1 up
+ sudo ip l set dummy1 master breth1
+
+ - name: Install Kayobe
+ run: |
+ mkdir -p venvs &&
+ pushd venvs &&
+ python3 -m venv kayobe &&
+ source kayobe/bin/activate &&
+ pip install -U pip &&
+ pip install ../src/kayobe
+
+ - name: Bootstrap the control host
+ run: |
+ source venvs/kayobe/bin/activate &&
+ source src/kayobe-config/kayobe-env --environment ci-builder &&
+ kayobe control host bootstrap
+
+ - name: Configure the seed host
+ run: |
+ source venvs/kayobe/bin/activate &&
+ source src/kayobe-config/kayobe-env --environment ci-builder &&
+ kayobe seed host configure
+ env:
+ KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }}
+
+ - name: Build and push kolla overcloud images
+ run: |
+ source venvs/kayobe/bin/activate &&
+ source src/kayobe-config/kayobe-env --environment ci-builder &&
+ kayobe overcloud container image build ${{ github.events.input.regexes }} --push
+ env:
+ KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }}
+
+ - name: Get the container image tag
+ run: |
+ echo "::set-output name=kolla_tag::$(cat ~/kolla_tag)"
+ id: kolla_tag
+
+ - name: Display the container image tag
+ run: |
+ echo "${{ steps.kolla_tag.outputs.kolla_tag }}"
diff --git a/README.rst b/README.rst
index 0454cbb1a8..1b099325cc 100644
--- a/README.rst
+++ b/README.rst
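Review bot: In the "Build and push kolla overcloud images" step, `${{ github.events.input.regexes }}` is not a valid context path (a dispatch input is read as `github.event.inputs.regexes`), so it expands to an empty string and the `regexes` input is silently ignored; every run builds all images. When correcting it, do not expand the input inside the `run:` script: the expression is substituted into the shell text before it executes, and this step runs on a self-hosted runner with `KAYOBE_VAULT_PASSWORD` in its environment. Pass it through the step's `env:` block instead, `KOLLA_REGEXES: ${{ github.event.inputs.regexes }}`, and invoke `kayobe overcloud container image build $KOLLA_REGEXES --push`, left unquoted so the space-separated list splits into arguments, with `set -f` beforehand so regex metacharacters are not glob-expanded. Since the runner holds registry and vault credentials, pinning `actions/checkout@v3` to a commit SHA is also worth doing.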
@@ -216,6 +216,112 @@ with the push repository using the pulp CLI: Started background task /pulp/api/v3/tasks/1f0a474a-b7c0-44b4-9ef4-ed633077f4d8/ .Done. +Environments +============ + +The following Kayobe environments are provided with this configuration: + +* ``ci-builder``: builds container images + +ci-builder +---------- + +The ``ci-builder`` Kayobe environment is used to build Kolla container images. +Images are built using package repositories in the StackHPC development Pulp +service, and pushed there once built. + +Prerequisites +^^^^^^^^^^^^^ + +* a CentOS Stream 8 host +* access to the local Pulp server + +Setup +^^^^^ + +Access the host via SSH. + +Clone the Kayobe and Kayobe configuration repositories (this one): + +.. code-block:: console + + cd + mkdir -p src + pushd src + git clone https://github.com/stackhpc/kayobe.git -b stackhpc/wallaby + git clone https://github.com/stackhpc/stackhpc-kayobe-config -b stackhpc/wallaby + popd + +Create a virtual environment and install Kayobe: + +.. code-block:: console + + cd + mkdir -p venvs + pushd venvs + virtualenv kayobe + source kayobe/bin/activate + pip install -U pip + pip install ../src/kayobe + popd + +Add initial network configuration: + +.. code-block:: console + + sudo ip l add breth1 type bridge + sudo ip l set breth1 up + sudo ip a add 192.168.33.3/24 dev breth1 + sudo ip l add dummy1 type dummy + sudo ip l set dummy1 up + sudo ip l set dummy1 master breth1 + +Installation +^^^^^^^^^^^^ + +Acquire the Ansible Vault password for this repository, and store a copy at +``~/vault-pw``. + +The following commands install Kayobe and its dependencies, and prepare the +Ansible control host. + +.. code-block:: console + + export KAYOBE_VAULT_PASSWORD=$(cat ~/vault-pw) + pushd ~/venvs/kayobe + source bin/activate + popd + pushd ~/src/kayobe-config + source kayobe-env --environment ci-builder + kayobe control host bootstrap + +Deployment +^^^^^^^^^^ + +Next, configure the host OS & services. + +.. 
code-block:: console + + kayobe seed host configure + +Building images +^^^^^^^^^^^^^^^ + +At this point you are ready to build and push some container images. + +.. code-block:: console + + kayobe seed container image build --push + kayobe overcloud container image build --push + +The container images are tagged as ``wallaby-``. This Kayobe +configuration includes a hook that writes the tag to ``~/kolla_tag``, since +it is not always simple to determine which tag was last applied to built +images. + +To use the new images, edit +``~/src/kayobe-config/etc/kayobe/kolla.yml`` to set the above +tag as the value of the ``kolla_openstack_release`` variable. Resources ========= diff --git a/etc/kayobe/ansible/filter_plugins b/etc/kayobe/ansible/filter_plugins new file mode 120000 index 0000000000..408c2e522f --- /dev/null +++ b/etc/kayobe/ansible/filter_plugins @@ -0,0 +1 @@ +../../../../kayobe/ansible/filter_plugins/ \ No newline at end of file diff --git a/etc/kayobe/ansible/group_vars b/etc/kayobe/ansible/group_vars new file mode 120000 index 0000000000..90b34773f5 --- /dev/null +++ b/etc/kayobe/ansible/group_vars @@ -0,0 +1 @@ +../../../../kayobe/ansible/group_vars/ \ No newline at end of file diff --git a/etc/kayobe/ansible/test_plugins b/etc/kayobe/ansible/test_plugins new file mode 120000 index 0000000000..9c5bfe3611 --- /dev/null +++ b/etc/kayobe/ansible/test_plugins @@ -0,0 +1 @@ +../../../../kayobe/ansible/test_plugins/ \ No newline at end of file diff --git a/etc/kayobe/ansible/write-kolla-tag.yml b/etc/kayobe/ansible/write-kolla-tag.yml new file mode 100644 index 0000000000..e0099bb878 --- /dev/null +++ b/etc/kayobe/ansible/write-kolla-tag.yml 
@@ -0,0 +1,19 @@
+---
+- name: Write out value of kolla_tag
+ hosts: localhost
+ gather_facts: no
+ vars:
+ kolla_tag_dest: ~/kolla_tag
+ tasks:
+ - name: Query image tag
+ shell:
+ cmd: >-
+ grep '^tag' {{ kolla_build_config_path }}/kolla-build.conf |
+ sed 's/tag\s=\s\(.*\)/\1/'
+ become: true
+ register: tag
+
+ - name: Write out value of kolla_tag
+ copy:
+ content: "{{ tag.stdout }}"
+ dest: "{{ kolla_tag_dest }}"
diff --git a/etc/kayobe/environments/ci-builder/globals.yml b/etc/kayobe/environments/ci-builder/globals.yml
new file mode 100644
index 0000000000..e3c0171ace
--- /dev/null
+++ b/etc/kayobe/environments/ci-builder/globals.yml
@@ -0,0 +1,15 @@
+---
+# Kayobe global configuration.
+
+###############################################################################
+# OS distribution.
+
+# OS distribution name. Valid options are "centos", "ubuntu". Default is
+# "centos".
+os_distribution: "{{ lookup('pipe', '. /etc/os-release && echo $ID') | trim }}"
+
+###############################################################################
+# SELinux.
+
+# Avoid a reboot.
+disable_selinux_do_reboot: false
diff --git a/etc/kayobe/environments/ci-builder/inventory/group_vars/seed/network-interfaces b/etc/kayobe/environments/ci-builder/inventory/group_vars/seed/network-interfaces
new file mode 100644
index 0000000000..9abceec09d
--- /dev/null
+++ b/etc/kayobe/environments/ci-builder/inventory/group_vars/seed/network-interfaces
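Review bot: The "Query image tag" task in write-kolla-tag.yml cannot fail when no tag is found, because the folded `cmd` is one pipeline whose exit status is that of `sed`. A missing or differently spaced `tag` line in kolla-build.conf therefore gives empty stdout, and the next task writes an empty `~/kolla_tag`, which the workflow then reports as the image tag. Add `failed_when: tag.rc != 0 or tag.stdout | length == 0` and, since the task only reads, `changed_when: false`. The match is also loose: `grep '^tag'` accepts any key that merely begins with `tag`, and `tag\s=\s` needs exactly one whitespace character on each side of `=`, so a pattern such as `'^tag\s*=\s*'` would be more robust. The `{{ kolla_build_config_path }}` expansion is unquoted in the shell command and will break on a path containing spaces.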
@@ -0,0 +1,13 @@
+---
+###############################################################################
+# Network interface definitions for the controller group.
+
+# Controller interface on all-in-one network.
+aio_interface: breth1
+# Use dummy1 if it exists, otherwise the bridge will have no ports.
+aio_bridge_ports: "{{ ['dummy1'] if 'ansible_dummy1' in hostvars[inventory_hostname] else [] }}"
+
+###############################################################################
+# Dummy variable to allow Ansible to accept this file.
+workaround_ansible_issue_8743: yes
+
diff --git a/etc/kayobe/environments/ci-builder/inventory/groups b/etc/kayobe/environments/ci-builder/inventory/groups
new file mode 100644
index 0000000000..155f353e24
--- /dev/null
+++ b/etc/kayobe/environments/ci-builder/inventory/groups
@@ -0,0 +1,14 @@
+[seed]
+
+[container-image-builders:children]
+seed
+
+[network]
+
+[docker:children]
+# Hosts in this group will have Docker installed.
+seed
+
+[ntp:children]
+# Kayobe will configure Chrony on members of this group.
+seed
diff --git a/etc/kayobe/environments/ci-builder/inventory/hosts b/etc/kayobe/environments/ci-builder/inventory/hosts
new file mode 100644
index 0000000000..33fda8b737
--- /dev/null
+++ b/etc/kayobe/environments/ci-builder/inventory/hosts
@@ -0,0 +1,3 @@
+# A 'seed' host used for building images.
+[seed]
+builder
diff --git a/etc/kayobe/environments/ci-builder/kolla.yml b/etc/kayobe/environments/ci-builder/kolla.yml
new file mode 100644
index 0000000000..4711dff147
--- /dev/null
+++ b/etc/kayobe/environments/ci-builder/kolla.yml
@@ -0,0 +1,14 @@
+---
+# Kayobe Kolla configuration.
+
+###############################################################################
+# Kolla configuration.
+
+# Docker tag applied to built container images. Default is
+# {{ kolla_openstack_release }}.
+# Tag images with the timestamp at which facts were gathered.
+kolla_tag: "{{ openstack_release }}-{{ ansible_facts.date_time.iso8601_basic_short }}"
+
+###############################################################################
+# Dummy variable to allow Ansible to accept this file.
+workaround_ansible_issue_8743: yes
diff --git a/etc/kayobe/environments/ci-builder/kolla/.keep b/etc/kayobe/environments/ci-builder/kolla/.keep
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/etc/kayobe/environments/ci-builder/network-allocation.yml b/etc/kayobe/environments/ci-builder/network-allocation.yml
new file mode 100644
index 0000000000..d17410ccca
--- /dev/null
+++ b/etc/kayobe/environments/ci-builder/network-allocation.yml
@@ -0,0 +1,4 @@
+---
+aio_ips:
+ builder: 192.168.33.3
+
diff --git a/etc/kayobe/environments/ci-builder/networks.yml b/etc/kayobe/environments/ci-builder/networks.yml
new file mode 100644
index 0000000000..a72481bc6e
--- /dev/null
+++ b/etc/kayobe/environments/ci-builder/networks.yml
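Review bot: `kolla_tag` in ci-builder/kolla.yml takes its timestamp from `ansible_facts.date_time`, which is the moment facts were gathered rather than the moment of the build, as the added comment itself says. If the builder's facts are served from a fact cache (not visible in this diff, so confirm), consecutive builds would produce the same tag and `--push` would overwrite images already published under it, so a deployed image could no longer be traced to one build. Extend the comment to state that facts must be regathered before every build, e.g. `# Facts must be refreshed before each build, otherwise the tag is reused.`, and make sure the build path actually does so.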
@@ -0,0 +1,114 @@
+---
+# Kayobe network configuration.
+
+###############################################################################
+# Network role to network mappings.
+
+# Map all networks to the all-in-one network.
+
+# Name of the network used for admin access to the overcloud
+#admin_oc_net_name:
+admin_oc_net_name: aio
+
+# Name of the network used by the seed to manage the bare metal overcloud
+# hosts via their out-of-band management controllers.
+#oob_oc_net_name:
+oob_oc_net_name: aio
+
+# Name of the network used by the seed to provision the bare metal overcloud
+# hosts.
+#provision_oc_net_name:
+provision_oc_net_name: aio
+
+# Name of the network used by the overcloud hosts to manage the bare metal
+# compute hosts via their out-of-band management controllers.
+#oob_wl_net_name:
+oob_wl_net_name: aio
+
+# Name of the network used by the overcloud hosts to provision the bare metal
+# workload hosts.
+#provision_wl_net_name:
+provision_wl_net_name: aio
+
+# Name of the network used to expose the internal OpenStack API endpoints.
+#internal_net_name:
+internal_net_name: aio
+
+# List of names of networks used to provide external network access via
+# Neutron.
+# Deprecated name: external_net_name
+# If external_net_name is defined, external_net_names will default to a list
+# containing one item, external_net_name.
+#external_net_names:
+external_net_names:
+ - aio
+
+# Name of the network used to expose the public OpenStack API endpoints.
+#public_net_name:
+public_net_name: aio
+
+# Name of the network used by Neutron to carry tenant overlay network traffic.
+#tunnel_net_name:
+tunnel_net_name: aio
+
+# Name of the network used to carry storage data traffic.
+#storage_net_name:
+storage_net_name: aio
+
+# Name of the network used to carry storage management traffic.
+#storage_mgmt_net_name:
+storage_mgmt_net_name: aio
+
+# Name of the network used to carry swift storage data traffic.
+#swift_storage_net_name:
+swift_storage_net_name: aio
+
+# Name of the network used to carry swift storage replication traffic.
+#swift_storage_replication_net_name:
+swift_storage_replication_net_name: aio
+
+# Name of the network used to perform hardware introspection on the bare metal
+# workload hosts.
+#inspection_net_name:
+inspection_net_name: aio
+
+# Name of the network used to perform cleaning on the bare metal workload
+# hosts
+#cleaning_net_name:
+cleaning_net_name: aio
+
+###############################################################################
+# Network definitions.
+
+# All-in-one network.
+aio_cidr: 192.168.33.0/24
+aio_allocation_pool_start: 192.168.33.3
+aio_allocation_pool_end: 192.168.33.30
+
+###############################################################################
+# Network virtual patch link configuration.
+
+# Suffix for Open vSwitch bridge names.
+#network_bridge_suffix_ovs:
+
+# Prefix for virtual patch interface names.
+#network_patch_prefix:
+
+# Suffix for virtual patch link interface names when connected towards the
+# physical interface.
+#network_patch_suffix_phy:
+
+# Suffix for virtual patch link interface names when connected towards the
+# OVS bridge.
+#network_patch_suffix_ovs:
+
+###############################################################################
+# Network routing table configuration.
+
+# List of IP routing tables. Each item should be a dict containing 'id' and
+# 'name' items. These tables will be added to /etc/iproute2/rt_tables.
+#network_route_tables:
+
+###############################################################################
+# Dummy variable to allow Ansible to accept this file.
+workaround_ansible_issue_8743: yes
diff --git a/etc/kayobe/environments/ci-builder/stackhpc-ci.yml b/etc/kayobe/environments/ci-builder/stackhpc-ci.yml
new file mode 100644
index 0000000000..b7224e73b4
--- /dev/null
+++ b/etc/kayobe/environments/ci-builder/stackhpc-ci.yml
@@ -0,0 +1,72 @@
+---
+###############################################################################
+# Kolla configuration.
+
+# Docker namespace to use for Kolla images. Default is 'kolla'.
+kolla_docker_namespace: stackhpc-dev
+
+# Kolla feature flag configuration.
+kolla_enable_barbican: true
+kolla_enable_central_logging: true
+kolla_enable_cinder: true
+kolla_enable_cloudkitty: true
+kolla_enable_designate: true
+kolla_enable_elasticsearch_curator: true
+kolla_enable_grafana: true
+kolla_enable_influxdb: true
+kolla_enable_ironic: true
+kolla_enable_magnum: true
+kolla_enable_manila: true
+kolla_enable_mariabackup: true
+kolla_enable_neutron_sriov: true
+kolla_enable_octavia: true
+kolla_enable_ovn: true
+kolla_enable_prometheus: true
+kolla_enable_redis: true
+
+###############################################################################
+# Network configuration.
+
+# Don't touch resolv.conf: use Neutron DNS for accessing Pulp server via
+# hostname.
+resolv_is_managed: false
+
+###############################################################################
+# StackHPC configuration.
+
+# Host and port of a package repository mirror.
+# Build against the development Pulp service repositories.
+stackhpc_repo_mirror_url: "http://pulp-server.internal.sms-cloud:8080"
+
+# Build against released Pulp repository versions.
+stackhpc_repo_centos_stream_baseos_version: "{{ stackhpc_pulp_repo_centos_stream_8_baseos_version }}"
+stackhpc_repo_centos_stream_appstream_version: "{{ stackhpc_pulp_repo_centos_stream_8_appstream_version }}"
+stackhpc_repo_centos_stream_extras_version: "{{ stackhpc_pulp_repo_centos_stream_8_extras_version }}"
+stackhpc_repo_epel_version: "{{ stackhpc_pulp_repo_epel_version }}"
+stackhpc_repo_epel_modular_version: "{{ stackhpc_pulp_repo_epel_modular_version }}"
+stackhpc_repo_docker_version: "{{ stackhpc_pulp_repo_docker_version }}"
+stackhpc_repo_centos_stream_advanced_virtualization_version: "{{ stackhpc_pulp_repo_centos_stream_8_advanced_virtualization_version }}"
+stackhpc_repo_centos_stream_nfv_openvswitch_version: "{{ stackhpc_pulp_repo_centos_stream_8_nfv_openvswitch_version }}"
+stackhpc_repo_centos_stream_openstack_wallaby_version: "{{ stackhpc_pulp_repo_centos_stream_8_openstack_wallaby_version }}"
+stackhpc_repo_centos_stream_powertools_version: "{{ stackhpc_pulp_repo_centos_stream_8_powertools_version }}"
+stackhpc_repo_centos_opstools_version: "{{ stackhpc_pulp_repo_centos_8_opstools_version }}"
+stackhpc_repo_centos_stream_storage_ceph_pacific_version: "{{ stackhpc_pulp_repo_centos_stream_8_storage_ceph_pacific_version }}"
+stackhpc_repo_elasticsearch_logstash_kibana_7_x_version: "{{ stackhpc_pulp_repo_elasticsearch_logstash_kibana_7_x_version }}"
+stackhpc_repo_grafana_version: "{{ stackhpc_pulp_repo_grafana_version }}"
+stackhpc_repo_rabbitmq_erlang_version: "{{ stackhpc_pulp_repo_rabbitmq_erlang_version }}"
+stackhpc_repo_rabbitmq_server_version: "{{ stackhpc_pulp_repo_rabbitmq_server_version }}"
+stackhpc_repo_treasuredata_4_version: "{{ stackhpc_pulp_repo_treasuredata_4_version }}"
+
+# Host and port of container registry.
+# Push built images to the Ark registry.
+stackhpc_docker_registry: "{{ stackhpc_release_pulp_url | regex_replace('^https?://', '') }}"
+
+# Username and password of container registry.
+stackhpc_docker_registry_username: "release-train-ci"
+stackhpc_docker_registry_password: !vault |
+ $ANSIBLE_VAULT;1.1;AES256
+ 38356134376436656165303634626531653836366233383531343439646433376334396438373735
+ 3135643664353934356237376134623235356137383263300a333165386562396134633534376532
+ 34386133383366326639353432386235336132663839333337323739633434613934346462363031
+ 3265323831663964360a643962346231386462323236373963633066393736323234303833363535
+ 3664
diff --git a/etc/kayobe/hooks/overcloud-container-image-build/post.d/50-write-kolla-tag.yml b/etc/kayobe/hooks/overcloud-container-image-build/post.d/50-write-kolla-tag.yml
new file mode 120000
index 0000000000..c685974a22
--- /dev/null
+++ b/etc/kayobe/hooks/overcloud-container-image-build/post.d/50-write-kolla-tag.yml
@@ -0,0 +1 @@
+../../../ansible/write-kolla-tag.yml
\ No newline at end of file
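Review bot: `stackhpc_repo_mirror_url` in stackhpc-ci.yml is a plain `http://` URL, so every package installed into the images is fetched without transport integrity, and the resulting images are then pushed to the registry derived from `stackhpc_release_pulp_url`. Unless package signature verification is enforced for all of these repositories during the build (not visible in this diff), the content of published images depends on the network path between the builder and the mirror; prefer an `https://` mirror URL, or add a comment naming what guarantees package integrity. The comments also appear to disagree on the destination: this file says images are pushed to "the Ark registry", while the README section added in this commit says they are pushed to the development Pulp service.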